
CERT Coordination Center


Seagate BlackArmor device static administrator password reset vulnerability

Vulnerability Note VU#515283

Original Release Date: 2012-05-23 | Last Revised: 2012-07-18

Overview

The Seagate BlackArmor network attached storage device contains a static administrator password reset vulnerability.

Description

The Seagate BlackArmor network attached storage device contains a static PHP file used to reset the administrator password. A remote unauthenticated attacker with access to the device's management web server can directly request the page at http://DevicesIpAddress/d41d8cd98f00b204e9800998ecf8427e.php and reset the administrator password.

Impact

A remote unauthenticated attacker may be able to reset the administrator password of the device.

Solution

Update

The vendor has stated that updated firmware has been released that addresses this vulnerability. Updated firmware for 1-, 2- and 4-bay Seagate BlackArmor devices can be found under the "Downloads" tab on the vendor's support website.

The firmware versions that are reported to address this vulnerability are:
BlackArmorNAS 110: 1000.1301
BlackArmorNAS 220: 2000.1311
BlackArmorNAS 440: 4000.1391

Restrict network access

Restrict network access to the web management interface of Seagate BlackArmor network attached storage devices, and to any other devices that expose management over open protocols such as HTTP, so that only trusted management hosts can reach them.

Vendor Information


Seagate Technology LLC

Notified: March 07, 2012 | Updated: July 17, 2012

Statement Date: June 26, 2012

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

Vendor release notes:

4000.1391
Release Date: June 12th, 2012
File size: 36 MB

Feature Enhancement:
Complete overhaul of the Seagate Global Access service offering that includes:
· New remote share web site at seagate.tappin.com
· New mobile apps to access your BlackArmor NAS from your smartphone or tablet.

Issues addressed:
· USB-NAS backup premature completion message fixed
· Implemented security improvement for php
· Static IP address filter removed
· Improvements to DLNA aimed at the support of MKV files
· .TB hidden folders can now be deleted
· FTP over SSL in FileZilla process improvements
· iTunes compatibility

2000.1311
Release Date: June 12th, 2012
File size: 34.9 MB

Feature Enhancement:
Complete overhaul of the Seagate Global Access service offering that includes:
· New remote share web site at seagate.tappin.com
· New mobile apps to access your BlackArmor NAS from your smartphone or tablet.

Issues addressed:
· Implemented security improvement for php
· Static IP address filter removed
· Improvements to DLNA aimed at the support of MKV files
· .TB hidden folders can now be deleted
· FTP over SSL in FileZilla process improvements
· iTunes compatibility

1000.1301
Release Date: June 12th, 2012
File size: 35.5 MB

Feature Enhancement:
Complete overhaul of the Seagate Global Access service offering that includes:
· New remote share web site at seagate.tappin.com
· New mobile apps to access your BlackArmor NAS from your smartphone or tablet.

Issues addressed:
· Implemented security improvement for php
· Static IP address filter removed
· Improvements to DLNA aimed at the support of MKV files
· .TB hidden folders can now be deleted
· FTP over SSL in FileZilla process improvements
· iTunes compatibility

Vendor References

http://www.seagate.com/support/external-hard-drives/network-storage/blackarmor-nas-110/
http://www.seagate.com/support/external-hard-drives/network-storage/blackarmor-nas-220/
http://www.seagate.com/support/external-hard-drives/network-storage/blackarmor-nas-440/
http://forums.seagate.com/t5/BlackArmor-NAS-Network-Storage/Announcement-New-limited-release-firmware-is-available-for-all/td-p/164862

Addendum

There are no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.


CVSS Metrics

Group          Score  Vector
Base           7.5    AV:N/AC:L/Au:N/C:P/I:P/A:P
Temporal       5.8    E:POC/RL:W/RC:UC
Environmental  1.6    CDP:L/TD:L/CR:ND/IR:ND/AR:ND

Credit

Thanks to Jason Ellison for reporting this vulnerability.

This document was written by Michael Orlando.

Other Information

CVE IDs: CVE-2012-2568
Date Public: 2012-05-23
Date First Published: 2012-05-23
Date Last Updated: 2012-07-18 20:11 UTC
Document Revision: 29

Sponsored by the Department of Homeland Security Office of Cybersecurity and Communications.